Multi Factor Authentication Providers

SecureMFA ADFS OTP Provider

OTP authentication for Microsoft ADFS. It is a module for Microsoft ADFS 2019 or ADFS 2016 servers that enables them to provide multi-factor authentication (MFA) using the Time-Based One-Time Password (TOTP) algorithm, which is based on RFC 6238. With this MFA provider, users are required to enter a one-time passcode, generated on their phones by an authenticator application such as Microsoft Authenticator, Google Authenticator, Symantec VIP etc., to complete the second-factor authentication logon.

Deploy the latest SecureMFA Time-based One-Time Passcode provider for ADFS

Features

  • OTP passcodes for unlimited user accounts.

  • OTP user account deactivation

  • OTP data storage in MS SQL service

  • Self-registration with QR code (using free Microsoft Authenticator, Google Authenticator, Symantec VIP etc. mobile apps)

  • Logs in Windows Application Log

  • ADFS 2016 and ADFS 2019 support

  • Support of ADFS CSS themes

  • OTP data storage in MS Active Directory attributes or MS SQL Service

  • OTP account lockout feature.

  • OTP validity length can be customised

  • QR secrets encryption with AES 256-bit encryption.

  • Configuration of network locations from which users can scan the QR code.

  • Offline QR code generator (Integrated into adapter)

  • QR code customizations. (Advanced configuration)

  • User interface customizations

  • Free version notes are removed

  • Support for ADDS multi-forest trust relationships

Requirements

    • The solution must be deployed on each ADFS server (not on proxy servers).

    • Requires MS Framework 4.6.1 or later.

SecureMFA ADFS API OTP Provider

OTP authentication for Microsoft Active Directory Federation Services (ADFS). It enables ADFS servers to provide multi-factor authentication (MFA) using the Time-Based One-Time Password (TOTP) algorithm, which is based on RFC 6238. With this MFA provider, users are required to enter a one-time passcode to complete the second-factor authentication logon process. The OTP code is delivered via a third-party provider's API Gateway endpoint using HTTP POST. Managed API Gateway services are provided by vendors such as Amazon (AWS SNS), Microsoft (Azure API Management) etc.

Deploy the latest SecureMFA API OTP Provider for ADFS

Features

  • OTP passcodes for unlimited user accounts

  • OTP code delivery via a third-party provider's API endpoint (message delivery by SMS, e-mail, phone etc.)

  • OTP user account deactivation

  • Logs in Windows Application Log

  • ADFS 2016 and ADFS 2019 support

  • Proxy configuration

  • Support of ADFS CSS themes

  • OTP data storage in MS SQL service

  • OTP data storage in MS Active Directory attributes

  • OTP account lockout

  • Send API parameters in a message body

  • Customization of POST data values sent to the API endpoint

  • Authentication against API endpoint

  • QR code encryption with AES 256-bit encryption

  • User interface customizations

  • Free version notes are removed

  • Support for ADDS multi-forest trust relationships

Requirements

    • The solution must be deployed on each ADFS server (not on proxy servers).

    • Requires MS Framework 4.6.1 or later.

SecureMFA ADFS Email OTP Provider

OTP authentication for Microsoft Active Directory Federation Services (ADFS). It enables ADFS servers to provide multi-factor authentication (MFA) using the Time-Based One-Time Password (TOTP) algorithm, which is based on RFC 6238. With this MFA provider, users are required to enter a one-time passcode to complete the second-factor authentication logon process. The OTP code is delivered using an SMTP service.

Deploy the latest SecureMFA Email Time Based OTP Provider for ADFS

Features

  • Multi-language UI: English, Spanish, French, German, Chinese, Portuguese, Russian, Italian, Arabic, Turkish, Dutch, Finnish, Swedish, Norwegian, Polish, Danish and Lithuanian.

  • OTP passcodes for unlimited user accounts

  • OTP code delivery using SMTP service

  • OTP user account deactivation

  • OTP data storage in MS SQL service

  • Logs in Windows Application Log

  • ADFS 2016 and ADFS 2019 support

  • Support of ADFS CSS themes

  • OTP data storage in MS Active Directory attributes or MS SQL Service

  • OTP account lockout

  • OTP validity length can be customised

  • SSL and user authentication support for SMTP service

  • Secrets encryption with AES 256-bit encryption

  • Domain restrictions to receive OTP codes

  • User interface customizations

  • Free version notes are removed

Requirements

    • The solution must be deployed on each of your ADFS servers (not on proxy servers).

    • Requires MS Framework 4.6.1 or later.

SecureMFA RD Gateway OTP Provider

RD Gateway MFA provider. It is an OTP authentication module for Microsoft Remote Desktop Gateway servers (Windows 2019 / 2016) that provides multi-factor authentication for RDS farms and Remote Desktop Services access using the Time-Based One-Time Password (TOTP) algorithm. Details of the TOTP algorithm can be found in RFC 6238. With this MFA provider, users are required to enter a one-time passcode, generated on their phones by an authenticator application such as Microsoft Authenticator, Google Authenticator, Symantec VIP etc., to complete the second-factor authentication logon. This module fully replaces native RD Gateway Client Authentication Policies (CAP) with OTP codes and fully integrates with native RD Gateway Resource Authorization Policies (RAP) for access and control management. More details on how the RD Gateway API works can be found in the MSDN article.

Deploy the latest SecureMFA RD Gateway OTP Authentication Provider for Microsoft RD Gateway Service

Features

    • OTP passcodes for unlimited user accounts

    • OTP account lockout

    • QR code secrets decryption with AES 256-bit encryption

    • OTP data storage in MS SQL service

    • OTP user account deactivation

    • Integrates with native Microsoft RD Gateway resource authorization policies (RAP)

    • Logs in Windows Application Log

    • Supported on Windows 2016 or 2019 servers

    • Web portal that allows users to initiate an RDP connection from a web browser

Requirements

    • The solution must be deployed on a working RD Gateway server.

    • Requires MS Framework 4.6.1 or later.

Limitations

    • You cannot configure an RD Gateway server to simultaneously use both native authentication and SecureMFA RD Gateway OTP authentication provider.

SecureMFA MS Windows OTP Provider

SecureMFA WIN Authentication Provider wraps TOTP authentication around the native Windows authentication provider. This makes it possible to request MFA during normal Windows logon operations. Integration is done using the Windows authentication plug-in architecture.

Deploy the latest SecureMFA WIN OTP Authentication Provider for Windows

Features

    • TOTP code validation for unlimited user accounts

    • TOTP API message decryption with custom AES 256-bit encryption key.

    • Header authentication against API endpoint.

    • API response message protection against replay or tampering.

    • TOTP Offline authentication.

    • TOTP account lockout feature.

Requirements

    • SecureMFA WIN Authentication Provider supports Windows x64 platforms only.

    • The minimum server OS version is Windows 2016

    • The minimum client OS version is Windows 10